Fairphone 5 /e/OS with pihole not working

Dear /e/OS community,

I’ve bought a Raspberry Pi 5 and I am running Pi-Hole in it in a docker container. The Pi is connected to my router and each device connected to my router got its fixed IP address and as local DNS server in the DHCP section I’ve configured the IP address of my Pi. Everything works great, I can see in the query logs of my Pi-Hole dashboard all queries of all my devices, EXCEPT from my FP5 e os smartphone.

I’ve tried to add static IP to my WiFi connection in the phone, specifying its IP address, gateway and especially the primary and secondary DNS server, which I configured in both cases the IP address of my Pi.

Once configured, upon inspecting the new configuration for that WifI network, I can see under the “DNS” section the following:

some IPv6 address
some IPv6 address
IP of the Pi

No matter what I do, the IP of the Pi is always the tertiary DNS server and I cannot change the order. And it is not possible to delete the first two ones. Every time a new wifi network is added, apparently e os is populating the first two dns servers by itself, even when a static ip with all other config (primary and secondary dns as IP of the Pi) is set manually and putting that manually set DNS IP on the third place.

An observation I made:

When I am deleting the Wifi network with the pi and adding it again with the custom config- for a brief moment, the first few queries - are going indeed through the pihole, but all subsequent queries do not. It seems that this happens also every time when disconnecting from the Wifi network and connecting again. Apparently the initial dns call goes through the pihole, then only through the other two dnsv6 servers further up in the dns list on the smartphone.

First I thought, maybe it is just not logged in the pihole. I’ve tested this by blacklisting completely everything from instagram. After doing that. all devices were blocked visiting instagram except the FP5 e os smartphone. Therefore the FP5 was using the other ipv6 dns servers from the list.

My assumption is that Advanced privacy is using its own dns servers with its blocklists on it, always prioritizing it, even over manually set dns servers.

It is very annoying that I cannot use my FP5 with e os with pihole together via my home network.

Has anyone a suggestion how to resolve this issue? Thanks in advance!

e os version: 2.6.3 in FP5

Regain your privacy! Adopt /e/OS the deGoogled mobile OS and online servicesphone

Have you by chance checked if “HTPPS over DNS” is deactivated? That was the cause in my case my FP5 circumvented my pihole DNS.

Its under “Settings-> Network and Internet-> Private DNS → Off”
Some browser (in my case Brave browser) do that independently of the OS settings, too and circumvent pihole’s DNS.

The Murena OS Advanced Privacy feature is not a DNS service, but a proxy with a blacklist, passing through all DNS queries to your networks normal DNS server which are not present on the blacklist.

Yes, private DNS is off.
Unfortunately still not working.

For some more context:

There are two ways setting up pihole to work by adapting the router settings. I’ll start with the currently configured way: (I have a Fritzbox 5590 cable)

  1. In the DHCP client specifies as Local DNS server the Raspberry Pi IP address. This way, when a new devices connects to the network, it knows which is the preferred DNS server.
    Here 192.168.178.28 is the IP address of the raspberry pi.

PIC1

In my case this is not strictly necessary, because I also specified for each device in my home network its static IP address (which was also specified in the router) and the DNS server 192.168.178.28. But for good measure if new devices will visit my network, they will get the DNS server via DHCP as well.

Advantage: In the query logs of pihole it is possible to distinguish which device (client) made the query, here the smarttv as working example.

PIC2

This works because when the device makes an dns request it goes directly over the raspberry pi and then over the router.

To make this work, I need to specify in the DNS router settings, that the router should use the DNSv4 servers assigned by the internet service provider

PIC3

  1. The second way is the opposite of way 1: each device has specified the IP of the router (192.168.178.1) as DNS server (Local DNS server, first pic) and the preferred DNS server needs to be the raspberry pi 192.168.178.28 (third pic).
    With this config, we lose the info which device is making a query in pihole.
    This is the case because the device first asks the router for DNS than the raspberry pi, so pihole sees only the router, resulting as client always “fritz.box” in the client column (see pic 2)

BUT:

with the second method I can actually see all queries coming from the eOS device, but I dont want to lose the info which device is making what request, so I would like to make it work with the first way.

I can add only one embedded pic per reply, pics follow in separate replys

PIC 1

PIC 2

PIC 3

If allowed, try to disable IPv6 in your router (LAN side).

This actually worked!

The thing is, pihole is quite slow in applying dns changes. when I saw your post, I was not at home and deactivated ipv6 in the router via my private VPN in my phone and it did not work. Only when I came back home and tried it again directly in my network I suddenly saw all incoming queries. pihole is strange.

Anyway, thanks a lot!

You’re very welcome :slight_smile:

Technically speaking, Pi-hole has nothing to do with your problem: IP parameters (addresses) works a different way with IPv6, a way out of Pi-hole control. Then only solution is not to use IPv6, at least in your private network.